<?php
	//Session class
	class Session {
		private $user_id;
		private $session_token;
		private static $session_status;
		
		//Constructor for Session
		//
		//Param: username, password, email, firstname, lastname, 
		//		 gender, address, contact, date of birth, role, time = null
		function __construct($user_id) {
			$this->setUserID($user_id);
			$this->setToken();
		}	
		
		//Start the session
		static function start() {
			session_start();
			self::setStatus(true);
			//echo "Session started <br />";
		}
		
		//Close the session
		static function close() {
			if (self::getStatus()) {
				session_destroy(); 
				session_write_close();
				self::setStatus(false);
				//echo "Session closed <br />";
			}
		}		
		
		//Getter for User ID
		function getUserID() {
			return $this->user_id;
		}
		//Setter for User ID
		function setUserID($val) {
			$this->user_id = $val;
		}

		//Getter for Status
		static function getStatus() {
			return self::$session_status;
		}
		//Setter for Status
		static function setStatus($val) {
			self::$session_status = $val;
		}
		
		//Getter for Token
		function getToken() {
			return $this->session_token;
		}
		//Setter for Token (randomly generated)
		function setToken() {
			$token = sha1(uniqid(User::findUsername($this->getUserID()), true));
			$this->session_token = $token;
		}
		
		//Remember the Session by putting it into the database
		function remember() {
			$db = Database::get();
			$query = "INSERT INTO " . SESSION_TABLE . "
				(user_id, session_token) VALUES(?, ?);";
			$stmt = $db->prepare($query);
			if ($stmt) {
				$user_id = $this->getUserID();
				$session_token = $this->getToken();
				$stmt->bind_param("ds", $user_id, $session_token);
				$stmt->execute() or die('Invalid query for Session: ' . $db->error);
				$stmt->close();
			} else {
				die('Invalid query: ' . $db->error);
			}

		}

		//Forget the Session by remove it from the database		
		function forget() {
			$db = Database::get();
			$query = "DELETE FROM " . SESSION_TABLE . "
				WHERE user_id = ? AND session_token = ?;";
			$stmt = $db->prepare($query);
			if ($stmt) {
				$user_name = $this->getUserID();
				$session_token = $this->getToken();
				$stmt->bind_param("ss", $user_id, $session_token);
				$stmt->execute() or die('Invalid query for Session: ' . $db->error);
				$stmt->close();
			} else {
				die('Invalid query: ' . $db->error);
			}

		}
		
		//Find the User ID given to token
		//
		//Param: token
		//Return: user ID
		static function findID($token) {
			$db = Database::get();
			$id = 0;
			$query = "SELECT user_id FROM " . SESSION_TABLE . "
					  WHERE session_token = ?;";
			$stmt = $db->prepare($query);
			if ($stmt) {
				$stmt->bind_param("s", $token);
				$stmt->execute() or die('Invalid query for Session: ' . $db->error);
				$stmt->bind_result($id);
				$stmt->fetch() or $id = 0;
				$stmt->close();
			} else {
				die('Invalid query: ' . $db->error);
			}
			
			return intval($id);
		}

		//Remove the entry from the database given the user id and token
		//
		//Param: user id, token
		//Return: Boolean
		static function remove($id, $token) {
			$db = Database::get();
			$query = "DELETE FROM " . SESSION_TABLE . "
				WHERE user_id = ? AND session_token = ?;";
			$stmt = $db->prepare($query);
			if ($stmt) {
				$stmt->bind_param("ds", $id, $token);
				$stmt->execute() or die('Invalid query for Session: ' . $db->error);
				$stmt->close();
				return true;
			} else {
				die('Invalid query: ' . $db->error);
				return false;
			}
		}
	}
?>